RiskLens Blog

What Does a Gartner Shift From GRC to IRM Mean for Risk Management Programs?

Posted February 22, 2019 by Isaiah McGowan

John Wheeler, lead analyst at Gartner for integrated risk management (IRM) solutions, penned a piece calling for an evolution from compliance-aware to risk-aware governance programs. What does that mean for the risk management programs of the world? ... Continue Reading

Case Study: What’s the Value of a Data Retention Policy?

Posted February 13, 2019 by Rebecca Merritt

The bank’s infosecurity team was split on the need for a data retention policy. Half of the team didn’t feel they needed to eliminate customer files because customers would likely open another account down the line ... Continue Reading

Cyber Risk Tops 2019 Worries for Business, Say Conference Board, World Economic Forum

Posted January 22, 2019 by Jeff B. Copeland

Two authoritative surveys of senior corporate leaders on the outlook for 2019 put cyber risk at the top of their list of worries, right up there with recession and climate disasters. ... Continue Reading

Wall St. Journal on Proving Business Value in Cybersecurity to Boards

Posted January 15, 2019 by Jeff B. Copeland

In a new article for the Wall Street Journal's WSJ Pro Cybersecurity newsletter, Kim S. Nash writes that “Corporate security leaders often fight a perception among other senior leaders that cybersecurity efforts bring costs without quantifiable returns. ... Continue Reading

One CISO's Tips on Running a Cybersecurity Program with NIST CSF and FAIR

Posted January 9, 2019 by Jeff B. Copeland

Ian Amit faces a complex management problem as Chief Security Officer at Cimpress, the parent company for multiple independent businesses: Each unit chooses and operates its own technical stack and security and risk management in a “shared security responsibility” model. How to lead from behind? ... Continue Reading

Most Popular RiskLens Blog Posts of 2018 Covered SEC Cyber Policy, Better Heat Maps, and More Signs of Growth in the Cyber Risk Quantification Movement

Posted December 27, 2018 by Jeff B. Copeland

RiskLens and the FAIR risk model are change agents in the world of cyber risk management and the most popular blog posts we published in 2018 are a leading indicator of where the movement is heading. Take a look at the Top 10, by page views: ... Continue Reading

How to Evaluate ROI of Security Investments for GDPR (Case Study)

Posted December 18, 2018 by Jeff B. Copeland

“Security Spending to Rise on GDPR Concerns” headlines a recent edition of the Wall Street Journal’s WSJ Pro Cybersecurity newsletter (subscription required) that details how seriously companies take the EU’s privacy regulations that went into effect last May. ... Continue Reading

Jack Jones in Homeland Security Today: Feds Need a Game Plan for Their ‘Crown Jewels’

Posted December 6, 2018 by Jeff B. Copeland

In a lead article on the Homeland Security Today website, A Game Plan to Identify, Protect Information Crown Jewels, RiskLens Co-Founder and Chief Risk Scientist Jack Jones has some advice for federal agencies required to identify and prioritize risk management on their “crown jewels”: Get a clearer picture on your high-value assets, then get an effective risk analysis model to guide your security investments. ... Continue Reading

Boards Adding Cybersecurity Committees, Wall St. Journal Reports

Posted November 28, 2018 by Jeff B. Copeland

A few pioneering boards are “taking the bold step of forming a full-fledged committee focused on cybersecurity,” the WSJ Pro Cybersecurity newsletter reports (subscribe to the newsletter to read the article). ... Continue Reading

Case Study: RiskLens Clarifies Complicated Decision on Multifactor Authentication

Posted November 21, 2018 by Tim Wynkoop

I recently ran an analysis for a major bank that I think shows the power of both the FAIR Model for thinking through cybersecurity investment decisions and the power of the RiskLens CRQ platform for quickly running the numbers to support those decisions, often with surprising results. ... Continue Reading
